przez nisanosa 26 Maj 2015, 22:13
hijackthis.txt Startup Programs (KUBA) 2015-05-26 23.04.38.txt Addition.txt Extras.Txt OTL.Txt FRST.txtprzez ordynat 27 Maj 2015, 08:18
istartsurf uninstall (HKLM-x32\...\istartsurf uninstall) (Version: - istartsurf) <==== ATTENTION
Superfish Inc. VisualDiscovery (HKLM-x32\...\Superfish Inc. VisualDiscovery) (Version: 1.0.0.5 - Superfish) <==== ATTENTION
Reg: reg delete "HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DB847E94-446B-49E0-AC5D-C5627EC8B0C0}" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MSC" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\avgua32.exe" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /f
Reg: reg delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\globalUpdatem" /f
Task: {6CEC86A0-817C-4219-9EA9-9B7013267529} - System32\Tasks\SpyHunter4Startup => C:\Program Files (x86)\Enigma Software Group\SpyHunter\Spyhunter4.exe
C:\Program Files (x86)\Enigma Software Group
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
C:\Program Files (x86)\XTab
C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [643064 2014-09-17] (McAfee, Inc.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1432653422&z=91a9631248a78dcc9363ad8g7z6c1o1qcw3cfzdodc&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1432653422&z=91a9631248a78dcc9363ad8g7z6c1o1qcw3cfzdodc&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1432653422&z=91a9631248a78dcc9363ad8g7z6c1o1qcw3cfzdodc&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1432653422&z=91a9631248a78dcc9363ad8g7z6c1o1qcw3cfzdodc&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1432653422&z=91a9631248a78dcc9363ad8g7z6c1o1qcw3cfzdodc&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1432653422&z=91a9631248a78dcc9363ad8g7z6c1o1qcw3cfzdodc&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1432653422&z=91a9631248a78dcc9363ad8g7z6c1o1qcw3cfzdodc&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds&ts=1432653422&z=91a9631248a78dcc9363ad8g7z6c1o1qcw3cfzdodc&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T&q={searchTerms}
HKU\S-1-5-21-1567690247-1463190379-2651780382-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1432653422&z=91a9631248a78dcc9363ad8g7z6c1o1qcw3cfzdodc&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1432653422&z=91a9631248a78dcc9363ad8g7z6c1o1qcw3cfzdodc&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1432653422&z=91a9631248a78dcc9363ad8g7z6c1o1qcw3cfzdodc&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1432653422&z=91a9631248a78dcc9363ad8g7z6c1o1qcw3cfzdodc&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?type=ds&ts=1432653422&z=91a9631248a78dcc9363ad8g7z6c1o1qcw3cfzdodc&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1567690247-1463190379-2651780382-1002 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T&ts=1432653487&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1567690247-1463190379-2651780382-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T&ts=1432653487&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1567690247-1463190379-2651780382-1002 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T&ts=1432653487&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1567690247-1463190379-2651780382-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T&ts=1432653487&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1567690247-1463190379-2651780382-1002 -> {6E8DC48F-F32F-4B8C-A44B-097A5EA8DC38} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T&ts=1432653487&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1567690247-1463190379-2651780382-1002 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.istartsurf.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T&ts=1432653487&type=default&q={searchTerms}
BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-05-18] (Thinknice Co. Limited)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-01-13] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-01-13] (McAfee, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-01-13] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-01-13] ()
c:\Program Files (x86)\McAfee
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-01-20]
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.istartsurf.com/?type=sc&ts=1432653422&z=91a9631248a78dcc9363ad8g7z6c1o1qcw3cfzdodc&from=smt&uid=TOSHIBAXMQ01ABF050_158LWEK8TXX158LWEK8T
S2 0088941432668603mcinstcleanup; C:\WINDOWS\TEMP\008894~1.EXE [851136 2014-08-08] (McAfee, Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [157824 2015-05-18] (XTab system)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-01-13] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.336.0\McCSPServiceHost.exe [422632 2014-11-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [697000 2015-05-26] (DTools LIMITED) <==== ATTENTION
S3 McODS; "C:\ProgramData\McAfee\Update\Installs\pkg_default\Download_Files\default\vso\vso_li_cat\%VSINSTALL_DIR64%\mcods.exe" [X]
S2 SpyHunter 4 Service; C:\PROGRA~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [X]
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
S3 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R2 VDWFP; C:\WINDOWS\system32\Drivers\VDWFP64.sys [39800 2014-05-12] (Superfish, Inc.)
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\WINDOWS\Minidump\*.dmp
C:\spyhunter.fix
C:\shldr.mbr
C:\shldr
C:\ProgramData\IHProtectUpDate
C:\Program Files (x86)\XTab
C:\Users\Jakub\AppData\Roaming\istartsurf
C:\ProgramData\WindowsMangerProtect
C:\WINDOWS\System32\Tasks\SpyHunter4Startup
C:\Users\Jakub\Desktop\SpyHunter.lnk
C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
C:\sh4ldr
EmptyTemp:
DeleteQuarantine:
Użytkownicy przeglądający to forum: Brak zarejestrowanych użytkowników oraz 8 gości
